MikroTik RouterOS Online Training Class Special Series 3


MikroTik RouterOS Online Training Class Special Series 3 1 Burmese Version
Phyo Phyo Hein, B. C. Tech (hons), MikroTik Certified Trainer and Consultant
MTCNA, MTCRE, MTCWE, MTCTCE, MTCUME, MTCINE
CCNA R&S, CCNP R&S, CCIP, JNCIA-Junos, JNCDA

EOIP VPN in Hub and 2 Spoke Topology
Presented by Phyo Phyo Hein
14-05-2017
Information Beam Co.,Ltd

3 About Me
Phyo Phyo Hein, B. C. Tech (hons)
MikroTik Consultant, Director of Information Beam Co.,Ltd.
Experiences:
- Cisco instructor since 2005 at i-beam Co., Ltd
- SingTel Mobile Support Network Engineer at NCS Co., Ltd (2008-2010)
- Nera Telecommunications (Singapore) (2011-2012)
- System Integration Manager at Yatanarpon Teleport (2012-2014)
- Enterprise/ISP Manager at Kinetic Myanmar Technology (2014-2016)
Certifications:
- Cisco: CCNA R&S, CCNP R&S, CCIP, CCIE R&S Written
- Juniper: JNCIA-Junos, JNCDA

4 What is EOIP?
- Stands for Ethernet Over IP.
- A MikroTik proprietary protocol.
- Uses the GRE protocol (Protocol ID 47).
- Configurable as Layer 2 VPN or Layer 3 VPN
  - L2VPN: all sites are in the same subnet.
  - L3VPN: each site is in a separate subnet.
- No encryption by default.
- Tunnel MAC address range: 00:00:5E:80:00:00-00:00:5E:FF:FF:FF
- IPsec is available as an option for encryption.
- Can be run over a PPTP or IPIP tunnel, or any connection which is able to transport IP.

5 Why do we use EOIP?
Case Scenario
- Bridging the LANs of offices which are located in different countries.
- Headquarters' requirement
  - Internet line
  - Public IP
- Branch office's requirement
  - Internet line
  - Public IP
- EOIP is a solution which can bridge office LANs across the internet.

6 Case Scenario of Bridging Multiple Office LANs

7 Pros and Cons
Pros
- Office LANs can be in the same subnet by bridging EOIP and LAN.
Cons
- No encryption by default.
- Can cause Layer 2 loop
  - Broadcast Domain, Unicast Flooding, MAC Table Instability, etc.
Solutions for L2 loop
- STP (Spanning Tree Protocol)
- RSTP (Rapid Spanning Tree Protocol)

8 How To Secure EOIP Tunnel
- By default, there is no encryption.
- Optionally, an IPsec secret can be added to encrypt EOIP traffic.
- Both the local address and the remote address of the tunnel need to be specified.
- RouterOS automatically adds an IPsec peer with the pre-shared key and a policy with default values (by default phase2 uses sha1/aes128cbc).

9 IPsec Secret For Encrypted EOIP Traffic

10 MTU Factor Consideration
- Total MTU of EOIP: 1542 bytes = MTU 1500 + 42 bytes EOIP header (8 byte GRE + 14 byte Ethernet + 20 byte IP).
- Use case: Bridging
  - L3 MTU 1500, no change to underlying link MTU: fragmentation happens.
  - L3 MTU 1500, change underlying link MTU: no fragmentation.
- Use case: Routing
  - Can set a lower MTU to avoid fragmentation of EoIP GRE packets: 1500 - IP - Ethernet - GRE = 1458.

11 LAB SETUP
HUB Router
- Configure WLAN as AP mode, SSID, security profiles.
- Configure WLAN IP address.
- Configure LAPTOP IP as 192.168.99.1/24.
- Configure EOIP tunnels to each branch router.
- Create a bridge and add the EOIP tunnels and LAN port to the bridge.
BRANCH Routers
- Configure WLAN as station and connect to the HUB router SSID.
- Configure WLAN IP address (10.100.0.X/24).
- Configure LAPTOP IP in the same subnet as the hub router's (192.168.99.X/24).
- Create an EOIP tunnel to the hub router.
- Create a bridge and add the EOIP tunnel and LAN port to the bridge.
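
The tunnel and bridge steps of this lab, with the IPsec secret from slide 8 applied to every tunnel, as an added RouterOS CLI example that is not taken from the slides. The interface names (wlan1, ether2), the bridge and tunnel names, the tunnel IDs, the hub and branch WLAN addresses and the secret placeholders are assumptions, and the wireless link is assumed to be up already.

```routeros
# Added example, not from the slides. Assumed: wlan1 = WLAN link, ether2 = LAN port,
# hub WLAN 10.100.0.1, BRANCH01 WLAN 10.100.0.2, BRANCH02 WLAN 10.100.0.3.
# Replace <SECRET-01> and <SECRET-02> with long random pre-shared keys.

# ---------- HUB router ----------
/ip address add address=10.100.0.1/24 interface=wlan1

# One EoIP tunnel per branch. tunnel-id must match on both ends of a tunnel
# and differ between tunnels. With ipsec-secret set, both local-address and
# remote-address must be given and fast path must be off on the tunnel.
/interface eoip add name=eoip-branch01 tunnel-id=1 \
    local-address=10.100.0.1 remote-address=10.100.0.2 \
    ipsec-secret="<SECRET-01>" allow-fast-path=no
/interface eoip add name=eoip-branch02 tunnel-id=2 \
    local-address=10.100.0.1 remote-address=10.100.0.3 \
    ipsec-secret="<SECRET-02>" allow-fast-path=no

# Bridge the LAN port with both tunnels; RSTP guards against L2 loops.
/interface bridge add name=bridge-lan protocol-mode=rstp
/interface bridge port add bridge=bridge-lan interface=ether2
/interface bridge port add bridge=bridge-lan interface=eoip-branch01
/interface bridge port add bridge=bridge-lan interface=eoip-branch02

# ---------- BRANCH01 router (BRANCH02: .3, tunnel-id=2, <SECRET-02>) ----------
/ip address add address=10.100.0.2/24 interface=wlan1
/interface eoip add name=eoip-hub tunnel-id=1 \
    local-address=10.100.0.2 remote-address=10.100.0.1 \
    ipsec-secret="<SECRET-01>" allow-fast-path=no
/interface bridge add name=bridge-lan protocol-mode=rstp
/interface bridge port add bridge=bridge-lan interface=ether2
/interface bridge port add bridge=bridge-lan interface=eoip-hub

# ---------- Checks on either side ----------
# Tunnel should carry the R (running) flag.
/interface eoip print
# Dynamic (flag D) peer and policy entries created by ipsec-secret.
/ip ipsec peer print
/ip ipsec policy print
# Security associations appear once traffic crosses the tunnel;
# an empty list means the EoIP traffic is not being encrypted.
/ip ipsec installed-sa print
```

Because the dynamic entries use the default proposal, review `/ip ipsec proposal print` if sha1/aes128cbc does not meet your policy.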

12 HUB ROUTER CONFIG
- Basic Setup
- Tunnel Configuration
- Bridge Configuration and add ports to Bridge

13 Wireless AP Configuration

14 Wireless AP Security Profile Wireless => Security Profile

15 WLAN IP CONFIGURATION

16 EOIP TUNNEL SET UP with BRANCH01

17 EOIP TUNNEL SETUP with BRANCH01

18 BRIDGE SET UP

19 ADD EOIP TUNNEL TO BRIDGE PORTS

20 ADD LAN PORT TO BRIDGE PORTS

21 EOIP SETUP WITH BRANCH02

22 ADDING TUNNEL PORTS TO BRIDGE PORTS

23 ASSIGN IP TO LAPTOP'S LAN IP

24 PING TO BRANCH LAN IPs

25 BRANCH ROUTER CONFIG
- Connect to WLAN AP
- Tunnel Configuration
- Bridge Configuration/Adding ports to Bridge

26 WIRELESS CONFIGURATION

27 WIRELESS SECURITY PROFILE CONFIGURATION

28 BRANCH ROUTER EOIP TUNNEL CONFIG

29 BRANCH ROUTER BRIDGE CONFIG

30 PING TO HUB LAN

31 PING FROM BRANCH TO BRANCH

32 SPANNING TREE PROTOCOL
- Builds a loop-free network for Ethernet networks.
- Prevents L2 bridging loops
  - Broadcast loop and unicast flooding issues.
- Makes it easier to build redundant network links without loop issues
  - When the primary link is down, auto-failover to the secondary link.
  - The non-designated (BLK) port changes to forwarding state.
- Selection of root bridge per network
  - Lowest priority
  - Priority ties: lowest MAC

33 Potential Issue In Hub and Spoke
- Wastes bandwidth
- Traffic congestion on low cost bandwidth
- R4 to R3: R4-R1-R2-R3 (instead of R4-R1-R3)
- R3 to R4: R3-R2-R1-R4 (instead of R3-R1-R4)
[Diagram: HUB ROUTER R1 with R2, R3 and R4; link labels 1M, 1M, 1M, 512k, 512k, 256k; label "ROOT BRIDGE (Lowest Bridge ID (Lowest Priority/Lowest MAC))"]

34 Solution!!!
- R1 (Hub Router) should be set as root bridge in RSTP.
[Diagram: R1 (Root Bridge - Hub) with R2, R3 and R4; link labels 1M, 1M, 1M, 512k, 512k, 256k]

35 ROOT BRIDGE SETTING

36 VERIFICATION OF ROOT BRIDGE
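
Pinning the root bridge on the hub and checking the election result, as an added RouterOS CLI example that is not taken from the slides. The bridge name bridge-lan and the priority value chosen for the hub are assumptions.

```routeros
# Added example, not from the slides. bridge-lan is an assumed bridge name.

# ---------- R1 (hub) ----------
# The lowest priority wins the root election; the RouterOS default is
# 0x8000 (32768). Setting the hub lower makes the result deterministic
# instead of leaving it to whichever bridge has the lowest MAC address.
/interface bridge set bridge-lan protocol-mode=rstp priority=0x1000

# ---------- R2, R3, R4 (spokes) ----------
# Keep the default priority explicit so a spoke cannot win the election
# after a config restore or hardware swap changes its settings or MAC.
/interface bridge set bridge-lan protocol-mode=rstp priority=0x8000

# ---------- Verification on R1 ----------
# Expect "root-bridge: yes" and a root-bridge-id that starts with 0x1000.
/interface bridge monitor bridge-lan once

# ---------- Verification on each spoke ----------
# Expect "root-bridge: no", the same root-bridge-id as seen on R1,
# and a root-port that is the link leading towards the hub.
/interface bridge monitor bridge-lan once

# Port roles and states per bridge port; a change of root-bridge-id or of
# these roles without a planned change is worth investigating.
/interface bridge port print
```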

37 Q & A Section!!! Please feel free to ask me if you have any question.

38 THANKS FOR YOUR ATTENTION!!!!